Planning for Information Security
This course addresses the necessity of developing accurate Business Continuity Plans. Within this scope, emergency response, business resumption, and disaster recovery will be evaluated as critical components to the process. Through review of the planning process, a variety of methods and models will be considered to assist in business impact assessment as well as RISK planning assessment.
Radio Frequency Identification (RFID) Applied Systems
The application of RFID in the context of solving business problems is examined and discussed. Students research how RFID systems improve security of assets, as well as management of product distribution, tracking, and security controls as related to individual industries, career or fields of study.
Operating System and Computer Systems Security
The student’s basic network and operating system skills will be expanded to include planning, implementation, and auditing of a system’s security package. The following topics are covered: Security Principles (Windows 2000 Security Architecture, Linux Security), Account Security (Securing Accounts, Passwords, Password Aging, and Verification of System State), File System Security (Windows 2000, XP File Security, NAS Storage Security), Accessing Risk (Key loggers, Sniffers, Port Scanning), Risk Analysis (Viruses, Patches, Packaging Techniques), and Encryption.
Web and Data Security
This course will help students build a security policy and SOP for an organization which is implementing a new network and web infrastructure. Topics include the following: Security Education and Advisory, Risk Management, Threats to IT Assets, Encryption, Standards and Compliance, and Security Testing and Implementation.
This course covers the concepts, drivers, challenges, and techniques for developing business intelligence (BI) solutions and supporting technologies. Also covered are techniques for managing the project life cycle in the design and development of BI solutions using best practices. Different methods of information delivery such as web and desktop reporting, query and data analysis, OLAP, visualization, dashboards, and scorecards are explored.
Incident Handling and Response
Incident Handling and Response: This course will teach students the Incident Response foundation. Students will learn planning and preparation that includes: developing an effective incident response policy and plan, assigning roles and responsibilities, creating and using an effective incident response operation, and how to monitor its performance. Students will build skills and knowledge in these areas by performing exercises that simulate real world problems.
This class builds upon ethical security practices by performing prescribed techniques while increasing the student's knowledge, skills, and abilities. Topics covered include ethics, standards, methodologies, tools/techniques, and legal ramifications. Summative report development and presentations of findings will be included.
Industrial Control Systems (ICS) Security
Industrial Control Systems are the heart of America's vital power, water and manufacturing facilities. The security of these systems are often linked with generic operating systems like Microsoft Windows and are often connected to the Internet and should be under greater scrutiny. Students will research how ICS functions, the critical infrastructure that they support as well as steps that can be taken to improve the overall security of ICS systems.
This course provides students with an understanding of the SCADA environment and architecture from a security perspective. The security emphasis includes strategies for patching, upgrading, backup, recovery, and business continuity issues. The course also provides students with the knowledge needed to identify SCADA components and how those components function as a system.
SCADA Risk Management and Auditing
This course teaches students the necessity of performing risk management and auditing on SCADA systems and environments. It helps students develop risk management and auditing frameworks, as well as the core skills necessary to audit a SCADA system/environment and to manage risks.
Topics in Information Assurance
This course is an intensive study of selected contemporary topics in Information Assurance. Emphasis is placed on research in areas pertinent to the current IT environment. Given the rapidly changing landscape of present day information systems and technology, it is entirely appropriate to focus on recent and novel developments in the field. The focus for each section will vary, and in a “Directed Study” format, will be tailored specifically to the career and vocational interests of the student. When scheduled in lecture/seminar form, the topical subject matter will change at each offering; students should refer to the course listing bulletin for the current topic.